I wanted to ask a question about the ondemand TLS.
{
on_demand_tls {
ask http://localhost:5000/domains
interval 2m
burst 5
}
}
I want to limit on-demand TLS to only provision certs for valid customers’ domains. I understand I have to use the ask directive. Please, is there any sample of how the domains returned should be structured, is it an array or object? Kindly assist
Caddy makes a GET request to your ask endpoint. It will add a query param called domain and put the requesting domain as the value. Caddy expects a 200 status back to issue the TLS cert. Anything else will reject the certificate issuance.
So if your ask is https://myservice.com/check, caddy will make a call to it like so: https://myservice.com/check?domain=customerdomain.com and expect a 200 back if your service approves it.
awesome, thank you
This topic was automatically closed after 30 days. New replies are no longer allowed.